•  Automotive  suppliers  use  PLM  to  meet  Big  Three  automakers’  quality  mandates. 


COMPUTERWORLD 


Windows  Datacenter 
Grows  Up,  Gains  Ground 


IT  Auditors  Coveted,  Hard  to  Find 


Microsoft  partner  Unisys  upgrades  ES7000 
line;  some  users  eye  move  to  other  hardware 


from  68  nonclustered 


Companies  compete 
for  needed  skills  as 
Sarb-Ox  deadlines  nea 


banes-Oxley  Act  compliance 


utility,  is  offering  an  “impres¬ 
sive-  salary'  bump,  a  generous 
relocation  fund  for  his  family 
i  a  handsome  stock-option 


chunk  to  my  401(k)  retirement 
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COMPVTERWORLD 


Windows  Datacenter 
Grows  Up,  Gains  Ground 

Microsoft  partner  Unisys  upgrades  ES7000  |  tronical,y  collected  data 
line;  some  users  eye  move  to  other  hardware  aToI^eTsites  in 


IT  Auditors  Coveted,  Hard  to  Find 


Companies  compete 
for  needed  skills  as  u 
KaitK  K  deadlines  near  s 


soft  Corp.'s  high-end  Win- 


felt  that  they  had 
lonely  path. 


its  ES7000  line  and 


Datacenter  program,  indi- 
ally  making  progress  in  its 


tion  of  Windows.  Fo 


ning  the  Windows  Data¬ 
center  Edition  and  half  run¬ 
ning  the  Enterprise  Edition, 


IBM,  EMC  Clash 
Over  Storage 
Virtualization 

|  IBM  adds  support  for 
KMC  s  arrays;  KMC 
pnxluet  due  next  year 


Your  potential.  Our  passion.' 


"With  130  different  business  units,  we're 
like  the  ultimate  manageability  case  study." 


ier,  Technology  Development, 


Microsoft  Windows  Server  System  makes  Siemens1 
inrrasiructure  easier  to  manage.  Here's  how:  using 
Windows  Server  2003  with  Active  Directory  and 
Exchange  Server  2003,  Siemens  built  a  single 
directory  with  over  400,000  identities  worldwide 
across  130  business  units.  This  allows  them  to 
manage  identities  at  both  a  global  and  local  level. 
It's  software  that  helps  you  do  more  with  less.  Get 
the  full  Siemens  story  and  a  hands-on  management 
tool  at  microsoft.com/wssystem 


ki¬ 


ll 


.  ■  • 


Goodbye 

Hackers 


The  right  management  should  do  more  than  just  protect. 

It  should  also  enable. 

eTrusf  Security  Management  Software 

With  eTrust  security  management  software,  your  information  isn't  just  safeguarded  from  internal  and  external  threats. 
We  provide  authorized  customers,  partners,  and  employees  with  appropriate  access  that  can  help  your  business  grow. 
In  addition  to  securing  data,  eTrust  also  provides  a  single  view  of  your  security  environment,  so  you  can  make  real-time 
decisions  based  on  comprehensive  information.  If  you're  looking  for  ways  to  minimize  risk  while  maximizing  your 
potential,  or  to  get  a  white  paper,  go  to  ca.com/security. 

Computer  Associates® 


^  Hello 
customers 


Microsoft  Patch 
Hampers  Win  2k 


IBM  Enhances  iSeries  With 
Partitioning,  Power5  Chips 


Meanwhile  i  VII  ndvnna 


from  logging  in  or  is  causing  the 


its  Secure  Sockets  Layer  imple¬ 
mentation  Microsoft  said  it's 
researching  the  problem. 


IBM  Releases  Beta 
Of  DB2  Upgrade 


CEO  Sees  SAP  Software 
On  More  Intel  Clusters 


Wal-Mart,  Suppliers  I^mlervew  follow: 

Start  Testing  RFID  a,.  , commend, n 


the  trial,  and  Wal-Mart  said  all  but 
hwo  of  its  top  100  suppliers  are  on 
track  to  meet  a  January  deadline 


Utility  Hopes 
Customer 
Alert  System 
Will  Save 
Time,  Energy 
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GUM  IBM  Enhances  iSeries  With 


Of  DB2  Upgrade 


Partitioning,  Power5  Chips 


MeanwWl&  Dell  advances  Wintel  cause  I 
bmoo^to  by  forging  enterprise  pact  with  SAP 


HEWS 


the  Wintel  platform. 

to  standards-based  products  at 
an  increasing  rate,"  Dell  said. 
“Our  strategy  is  to  accelerate 
the  development  of  standards- 
based  technology  in  the  enter¬ 
prise  by  partnering  with  com- 


have”  than  to  cluster  servers  to¬ 
gether  IBM  offers  clusters  in  its 
Intel-based  xSeries  platform 


Suppliers  Use  PLM  Tools  to  Meet 
Automakers’  Development  Mandates 


Freudenberg-NOK  has  been 
required  by  the  Big  Three  and 


mouth,  Mich.-based  supplie 
fulfilled  this  so-called  Ad- 


|  Mass.-based  Aras  gives  users 
workflows  for  capturing  infor- 


comply  with  APQP  require¬ 
ments,  said  Tom  Gill,  directo: 


from  other  vendors,  including  j 

AG  and  MatrixOne  Inc.,  be¬ 
fore  choosing  Aras.  Its  goal  is  | 


costs,  quality  and  schedules 
in  accordance  with  APQP 

Powerway  Inc.  in  Indiana  po 


the  market  that  Aras  is  going 
Despite  the  benefits,  there 

Running  the  bandwidth¬ 
intensive  Web-based  applies-, 

said.  Moreover.  Aras  is  still 
smalt,  so  due  diligence  needs 


that  is.  ensured  that  it  will  be 


DaimlerChrysier 
Outsources  to  EDS 


IBM  Extends  Morgan 
Stanley  Agreement 


A  Simple  Solution  to 
Moving  U  Jobs . . . 

. . .  offshore  is  to  make  U.S.  developers'  salaries  more  com¬ 
petitive,  But  who  wants  to  take  pay  cuts?  Plenty  of 
you,  it  seems.  That’s  the  discovery  made  by  Mark 
Jennings,  a  vice  president  at  Synergroup  Systems 
Inc.  in  Aliso  Viejo,  Calif.  His  company  augments  per¬ 
sonnel  shortages  in  IT  shops  with  U.S.-based  work¬ 
ers  —  a  rare  phenomenon  of  late.  But.  Jennings  says. 
Look  to  offshore 

{crammers  will  lake  wages  Companies  for  jobs  .  .  . 
that  are  competitive  with  ...  in  the  U.S..  suggests  the 

those  of  workers  in  Bangalore.  Organization  lor  International  ' 


and  40%  initial  public  offer¬ 
ings.  IT  managers  help  ven- 

only  the  viability  of  potential 

buy  a  young  vendor's  prod- 

el.  that  start-up  might  need 


AppCompress.  part  of  the 
July  release,  will  compress  all 
TCP-based  applications,  not 
just  HTTP  data.  The  upgrade 
also  includes  AppDefend. 
which  can  inspect  packet 
payloads  and  apply  security 
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™SP  EON  HE  MARK 


Users  Seek  Relief 
From  SCO’s  Suits 

DaJmkrCtvyslar  AG,  one  of  the 
tom  Linux  users  sued  by  The  SCO 
Group  Inc.  In  Much  [QukUJnii 
45249],  hesxsked. state  job* 


ings.  IT  managers  help  ven- 

Uaimlerunrysler  m  ■  |  m  m  m  ture  capitalists  determine  n< 

A  Simple  Solution  to 
^re“^’^?kDa,a  Moving  FT  Jobs ... 


. .  offshore  is  to  make  U.S.  developers'  salaries  more  com- 
efitive.  But  who  wants  to  take  pay  cuts?  Plenty  of 
'ou.  it  seems.  That’s  the  discovery  made  by  Mark 


Microsoft 
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Health  Care  IT  Plans 
Get  a  Renewed  Push 


Hush,  industry  groups  trv  to  jump-start 
adoption  of  new  medical  technologies 

technologies  such  as  electron- 

dardizing  the  exchange  of  in- 

Michael  Myers,  vice  presi- 

emerging  health  care 

o 

for  the  development  of  elec- 

ed  30  patient-safety  practices. 

(CIH3E)  systems.  Leapfrog  of¬ 
ficials  said  the  postings  are  an 

pitals  that  have  instituted  the 

Hr.  Brian  laeobs,  director  of 
technology  and  patient  safety 

dollar  return  on  investment 

from  medical  errors. 

charge  [QuickLink  39674]. 

dent  and  general  manager  of 

Wcb-based  tnedical  records. 

0  46587 

script  ion-ordering  systems 

pital  Medical  Center,  said  the 
separate  developments  "lit  a 

Health  Care  IT  Developments 

■  A  group  ol  hospitals,  federal  •  The  Food  and  Drug  Administration  man  President  Bush  unveika 

electronic  medical  records 

1  could  take  more  than  10  years. 

|  He  said  his  hospital  has  diffl-  ; 

:  lor  proposed  technology  standards 

thousands  ol  drugs  dispensed  in  hospi 

als  medical  records 

recordsjhat  can  be  transmit- 

from  different  vendors,  let 

«  The  Department  ol  Health  and  Human  Services  «  Health  ca 

,«V'™Wrndu«!,l!u|hn''1’ 

alone  with  other  hospitals, 
laeobs  added  that  although 

standardized _ jfflgn'j^aknta 

lii'sSSEr  Citrix  Shifts  Focus  to  Remote  Access 

1  J  '  Wants  to  move 
lions  closed  i he  puHicSm-  past  server-based 

mcnls  period  on  n  proposed  app  ddiverV 


increasingly  a  “strategic  cfc- 
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Health  Care  IT  Plans 
Get  a  Renewed  Push 

Bush,  industry  groups  try  to  jump-start  | 

adoption  of  new  medical  technologies  could  improve  patient  safety. 


iss.,  that’s  backed  by  Part-  i  dards  is  essential  to  dev< 
rs  Healthcare  System  Inc.  a  national  electronic  ret 


Citrix  Shifts  Focus  to  Remote  Access 

Joint  Commission  on  Accredi-  W&nfS  tO  mOVe  I  tionS  from  remote  Nations  is  |  -our  guys  are  not  good  typ- 

tions  closed  the  public  com-  p3St  SerVer~foaSed  ment"  in  a  business’s  IT  infra-  Having  that  capability 

r^rProPOSed  app  delivery  »raclur<:.hcsaid.  would  allow  Masco  to  send 
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Nortel  Ousts  CEO  Amid  I  Ss 


Welcome  To  Your  New  Office. 

On  The  Go  E-mail  Access  From  Verizon  Wireless. 

Keep  your  employees  connected  to  important  e-mail,  schedules  and  contacts  with  VZEmair  Verizon  Wireles 
now  offers  the  latest  PDAs  and  Smartphones  complete  with  Wireless  Sync.  Making  work  more  productive 
efficient  and  convenient-even  outside  the  office.  One  more  reason  why,  for  all  your  company’s  wireless  needs 
we  mean  business. 


Contact  our  business  representatives  at  1.866.899.2862  or  log  on  to  verizonwireless.c 


Offshoring  Foes  Protest 
At  IBM  Annual  Meeting 


Global  strategy 
is  key,  Palmisano 
tells  shareholders 


al  company  with  very  stro 
businesses  internationally, 
not  just  in  the  US.  and  sai 
needs  to  “look  at  a  global  s 
pool  around  the  world.”  H< 
pointed  to  $25  million  the 

Human  Capital  Alliance,  a 
skills  retraining  program,  j 
though  he  acknowledged  t 
the  effort  is  just  beginning 


Cultural  Shift 


Your  IT  budgets  and  staff  have  been  slashed. 


Fortunately  you  have  the  most  manageable 

video  conferencing  systems  in  the  world. 


Connect  Any  Way  Vw  Want 


IT’S 

PAYBACK 

TIME. 


(©server 


Not  only  are  IBM  eServer  xSeries  systems 
powered  by  Intel  Xeon  processors,  they  raise  the 
question,  how  high  can  you  make  your  ROI? 
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SECURITY 

Thankfully  that  cost  is  low  with  the  new  Firebox’  X  -  the  integrated,  expandable  network 
security  appliance  that  delivers  the  highest  security  at  the  lowest  total  cost  of  ownership. 

WatchGuard 

Fireboxx 


Dillard’s  department  stores  found  a  real  bargain. 
Xerox  assessed  and  streamlined  their  company-wide  work 
processes  and  printing  needs,  saving  them  $1.6  million. 
There’s  a  new  way  to  look  at  it. 


Learn  more:  xerox.com/learn  For  a  sales  rep:  1-800-ASK-XER0X  ext.  LEARN 


XEROX. 


20  cffmEmu.*,**  urimun 

MARYFRAN  JOHNSON 

Spyware  Wake-up  Call 

PIMM  FOX 

Google  Me 
This 

-W-  IKE  MOST  OBLIVIOUS  USERS,  I’ve  never  programs  is  all  part  and  parcel  of  the 

K  given  much  thought  to  spyware.  I’ve  al-  freeware [Quickunk 4645ttExhibit 

I  ways  shrugged  it  off  as  just  another  slimy  A  is  the  wildly  popular  Kaaaa  Media 

|  advertising  gimmick  in  an  online  world 

^  *  chock-full  of  them.  But  as  any  security  also  delivers  multiple  adware  pro- 

■JT  TT  THEN  mixed  with 
\\f  money,  IT  is  a  dr 
T  V  The  combo  make 
ordinarily  sane  people  forg 
their  past  The  toxic  cocktail  unlea! 
a  tidal  wave  that  washes  away  all  a 

expert  will  tell  yOU,  anybody  who  surfs  the  Net  has  grams  (and  much  worse).  If  down- 

spyware  on  his  machine. 

Just  check  out  the  giddy  display  < 

READERS’  LETTERS 


Corporate 
Innovation 
And  the  CIO 

Like  clockwork,  al¬ 
most  exactly  four  years 
after  the  bursting  of  the 
Internet  bubble  in  March 
2000,  the  pendulum  has  begun  to 


Want  Fixes  or  Not? 

yy  E  IT  FOUIS  ARE  FICKLE.  20  paid 


and  potential  damage  to  its  repute-  haven't  bean  made  available.  Gel-  W|-R  Overfoad 

lion.  I  lust  hope  a  can  keep  this  up  ting  dtem  to  check  Windows  Up-  rtH  BOY.  yet  another 'nallocttr 

and  doesn't  give  In  to  the  complain-  dateoncelshaidenough.Tiyiiet'  Uwtdi  net**  [-McDonalds  to 

ere.  Sure,  these  patches  are  evi-  hog  them  to  go  back  repeatedly  for  Superslze  Use  o»  Wi-Fi  Core**- 

dence  of  holes  due  to  products  the  same  issues.  Yet  Microsoft  Dons,"  Qmddjnk  46251J  So,  let  s 

doppy  coding  and  testing,  or  what-  are  too  W  to  keep  their  systems  Web  surfing, 


Web  surfing,  fH  go  to  Starbucks  and  writ  be  erfrted  for  brevity  and  danty. 


Wayport  rf  I  wart  Wi-fi  there.  (And  I 
guess  my  Cometa  Hotspot  that  was 
usable  at  McDonald’s  m  Washing- 


Spyware  Wake-up  Call  Go^lfsMe 


WHEN  mixed  with 

money,  IT  is  a  drug. 
The  combo  makes 
ordinarily  sane  people  forget 
their  past.  The  toxic  cocktail  unleashes 

Think  I’m  kidding? 
lust  check  out  the  giddy  display  of 
amnesia  sweeping  the  investment 

fering  of  Mountain  View,  Calif  based 
Remember,  we're  not  talking  jet  en- 
worthless  compared  with  the  expected 

of  flying  machines  produced  revenue 
of  S31.8  billion  last  year,  selling  such 
as  F-16  fighter 


130,000  employees, 
but  its  $20.8  billion 
market  cap  is  only 

Speaking  of  paper. 
Google  is  likely  to  be 


sipping  coffee?  Unfortunately,  that  won’t 


to  make  about  SI00  million  flogging  a 
company  whose  main  product  is  wide¬ 
ly  used  and  often  imitated.  No,  it 

bother  those  who  throw  around  terms 


INTO  THE  OFFICE 

Once  viewed  as  simply  a  consumer 
desktop  problem,  spyware  is  increasingly 
viewed  as  a  corporate  liability  that  IT 
has  to  address,  by  Robert  l.  mitchell 


Need  Answers  to  Your 
Business  Intelligence  Questions? 

Apply  to  Attend  Computerworld’s  IT  Executive  Summit 
on  Business  Intelligence 


end-user  organization,  apply  to 
attend  one  of  Computerworld's 
upcoming  complimentary  one-day 
summits  on  Business  Intelligence. 
Neither  a  product  nor  a  system. 
Business  Intelligence  (Bl)  is 
an  architecture  -  a  collection  of 
interrelated  operational  and 
business  performance  measurement 
applications  and  databases. 

The  only  way  to  succeed  with  Bl 
applications  is  to  understand  their 
complexity,  their  cross-organizational 
nature,  the  needs  of  knowledge 
workers,  your  competition,  your 
market,  and  customer  trends. 

This  summit  will  give  you  a 
comprehensive,  one-day  overview  - 
and  will  arm  you  with  the  latest 
thinking  and  tools  to  make  the 
right  investments  in  Bl. 


•  Complimentary  registration 


New  York  City  •  June  3,  2004 


Chicago  •  June  9,  2004 

Sheraton  Chicago  Hotel  &  Towers  •  301  East  North  Water  Street 


10:45am  to  11:15am 


Exclusively  sponsored  by: 

5>sas.  intel 


Extensible  Stylesheet  Language 
(XSL)  is  a  family  of  languages 
and  specifications  designed  for 
laying  out  and  presenting  XML 
documents  and  data  in  speci¬ 
fied  formats  appropriate  for  the 
final  output  medium  or  device. 
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A  server  engineered  to  deliver  on  both  sides  of  the  price/performance  equation. 


^  McAfee 


TECHNOLOGY 


BRIEFS 


WebSphere  Gets 
Commerce  Upgrade 


Riverbed  Spawns 
WAN  Appliance 


VMware  Supports 
64-bit  Processors 


CA  Releases  Oracle 
Productivity  Pack 


The  Cost  of 
Shortterm  CIOs 


Back  IN  the  June  10, 1996,  issue  of  Com- 
puterworld.  I  first  reported  on  the  average 
longevity  of  CIOs  in  their  jobs.  Based  on 
comparisons  between  1994  and  1995, 1  calcu¬ 
lated  the  one-year  turnover  rate  for  CIOs  to 
be  24%,  which  translated  into  an  average  job-tenure  ex¬ 
pectancy  of  25  to  28  months. 

Those  estimates  were  widely  quoted  in  many  arti¬ 
cles  by  authors  who  arrived  at  various  conclusions 

about  the  significance  of  100  CIOs  I 


reappear  in  2003.  There  < 


be  only  66  CIOs 
er  12  monihs.  Half  of  the  CIOs 

imated  CIO  pop- 


ent  from  what  it  was  in  1994/1995. 1 
lake  this  view  because  the  sources 
of  my  information  —  the  IT  press  — 
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WebSphere  Gets 
Commerce  Upgrade 


Riverbed  Spawns 
WAN  Appliance 


The  Cost  of 
Shortterm  CIOs 

BACK  IN  THE  June  10, 1996,  issue  of  Com-  therefore  offers  a  positively  bit 

puterworld,  I  first  reported  on  the  average 

longevity  of  CIOs  in  their  jobs.  Based  on  would  tend  to  shift  the  actual  i 

comparisons  between  1994  and  1995, 1  calcu- 
lated  the  one-year  turnover  rate  for  CIOs  to  cio  loser  would  never  get  the 
be  24%,  which  translated  into  an  average  job-tenure  ex-  Uon  6°®  the  press,  whether  h, 
pectancy  of  25  to  28  months.  “Tftad  fo^’Xetvations  wot 

Those  estimates  were  widely  quoted  in  many  arti-  “  *c  satae  way  that  i  did  in  m 

cles  by  authors  who  arrived  at  various  conclusions 


CA  Releases  Oracle 
Productivity  Pack 


«  whether  a  perfectly  predictable  foul-up.  Thu 

ed  CIO  pop-  the  short  time  on  a  job  becomes  a  s 
is  20  or  35  fulfilling  prophecy  for  avoiding  re- 
'  data  avail-  sponsible  leadership.  High  CIO  tun 
assume  that  over  is  one  of  the  telling  symptoms 


MANAGEMENT 


Culture 

group  had  an  important  im¬ 
pact  on  the  projects. 

Are  you  saying  that  the  IT  people 

business  people?  The  communi¬ 
cation  at  the  hospital  was 

WARS 

enced  IT  leader  who  effective¬ 
ly  broke  down  barriers  be¬ 
tween  the  IT  folks  and  the 
individuals  affected  by  the 

tion  at  the  social  services  or¬ 
ganization  was  poor. 

failures  of  communication 

Does  the  IT  subculture  contribute  to  project  failure? 
New  research  from  Syracuse  University  says  yes. 

Why  do  IT  i  common  ethnocentricity.  i  look  at  three  organizations  im- 

between  IT  people  and  the 
administration  contributed 
to  the  problems  with  the  tech¬ 
nology-driven  change. 

How  did  this  show  its*?  Plan- 

in  the  IT  group  who  could 
articulate  the  benefits  of  the 
changes  to  those  who  would 

changes  were  viewed  with 


cultures,  and  these  caused 


groups.  These  conflicts  were 
rooted  in  differing  beliefs 


about  the  potential  benefits  of 
the  technology.  The  IT  people 
valued  compatibility  with  ex- 
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Culture 

WAFTS 

Does  the  IT  subculture  contribute  to  project  failure? 
New  research  from  Syracuse  University  says  yes. 


MANAGEMENT 


Offshore  Hot  Spots 

The  top  six  countries  on  the 


The  IT  Economy 


On-the-Fly  Crisis 
Management 
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General  Motors 
Signs  With  Covisint 


Stenbit  Named  to 
Cryptek  Board 


John  P.  Stenbit  has  been  appoint¬ 
ed  to  the  board  of  advisers  of 
Cryptek  Inc.,  a  Sterling.  Va.- 


tion  integration.  He  played  an  in- 


White  Joins  GTESS 
Board  of  Directors 


GTESS  Corp-  a  Richardson. 
Texas-based  provider  of  business 


What  We 
Have  to  Fear 


ATELY  I’VE  HAD  a  troubling  sense  that  there 
is  a  cancer  growing  in  IT  departments  these 
days.  No,  I’m  not  talking  about  constrained 
budgets,  poor  alignment,  hiring  freezes  or 
project  failures.  I’m  not  even  talking  about 
the  growth  of  outsourcing  and  offshoring.  While  these 
issues  are  all  real,  there  seems  to  be  something  even 
more  toxic  eating  away  at  our  industry. 

What  could  possibly  be  more  threatening  to  IT  staffs 
than  offshoring?  Fear  of  offshoring. 

This  faceless,  nameless  dark  terror  seems  to  be 
gnawing  away  at  the  morale  of  IT  professionals  every- 


But  frankly,  whether  I  like  offshoring 
doesn’t  really  matter.  It’s  here,  and  it’s 
not  going  away.  Although  the  legal 


lis  that  are  largely  beyoni 


WANT  OUR  OPINION? 
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General  Motors 
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PAUL  GLEN 


What  We 
Have  to  Fear 


Lately  I'VE  had  a  troubling  sense  that  there 
is  a  cancer  growing  in  IT  departments  these 
days.  No,  I’m  not  talking  about  constrained 
budgets,  poor  alignment,  hiring  freezes  or 
project  failures.  I’m  not  even  talking  about 
the  growth  of  outsourcing  and  offshoring.  While  these 
issues  are  all  real,  there  seems  to  be  something  even 
more  toxic  eating  away  at  our  industry. 

What  could  possibly  be  more  threatening  to  IT  staffs 
than  offshoring?  Fear  of  offshoring. 

This  faceless,  nameless  dark  terror  seems  to  be 
gnawing  away  at  the  morale  of  IT  professionals  every- 


a  group,  ignoring  it  won’t  make  it  go 
away.  The  fear  of  the  unspoken  is 
much  more  intense  than  the  fear  of  an 
issue  openly  discussed.  If  you’re  going 
to  experiment  with  offshoring,  explain 
the  purpose  of  the  experiment  If  you 
are  going  to  do  a  major  project  explain 


played  out  there  are  probably  much 

anything  that  might  actually  happen. 

Plan  for  the  future.  A  group  without  a 
clear  understanding  of  its  future 
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FRANK  HAYES  ■  FRANKLY  SPEAKING 


Shameless 


IT'S  YOUR  FAULT.  Yeah  you,  Mr.  or  Ms.  Corporate  IT  Person. 
Microsoft  says  it’s  your  fault,  and  the  fault  of  your  users,  that 
there  are  so  many  security  problems  with.  Microsoft  software. 
Oh,  sure,  there  are  security  holes  in  Microsoft  products.  But 
Microsoft  does  patch  them  —  eventually.  And  unless  corpo¬ 
rate  IT  does  a  better  job  of  promptly  applying  those  patches,  as  well 
as  training  users  in  safe  computing  practices  —  well,  there’s  only  so 
much  Microsoft  can  do. 


Yes,  at  Microsoft  irony  is  dead.  And  so,  apparently,  is  shame. 


c  a  high-level  Microsoft  r 
named  Jonathan  Perera  was  making  the  ifs- 
your-fault-too  pitch  at  the  Infosecurity  Europe 
conference  in  London.  At  exactly  the  same 


round  of  attacks  on  Microsoft  products,  includ¬ 
ing  IIS  and  Exchange  Server,  based  on  yet  an¬ 
other  Microsoft  buffer  overflow  vulnerability. 

Microsoft  had  issued  a  patch  for  that  security 
hole  just  two  weeks  earlier.  But  the  hole  is  in 
every  version  of  Windows  NT  and  XP  Pro  that 
has  shipped  since  Windows  NT  4.0  in  1996. 

In  other  words,  it  took  Microsoft  almost  eight 
years  to  find  and  fix  this  hole  —  a  hole  that  ex¬ 
ists  only  because  of  Microsoft  product  develop¬ 
ment  policies  that  in  another  profession  would 
be  called  malpractice.  But  now  we’re  told  it’s 
corporate  IT’s  fault  too,  because  in  two  weeks 
we  haven't  patched  the  12.5  million  servers  and 
200  million  client  PCs  affected.  (That’s  the  cur¬ 
rent  Windows  NT,  Server  and  XP  Professional 
installed  base,  according  to  IDC.) 

Why  haven’t  we  patched  them?  Everybody 
knows  the  answer  because  of  the  cost.  There’s 

crosoft  that  we  can’t  afford  to  apply  every  patch 


or  the  third  —  so  all  those  patches 
won’t  be  necessary?  Remember,  this 
most  recent  security  hole  has  sur¬ 
vived  code  reviews  for  several  gen¬ 
erations  of  Microsoft  products,  in¬ 
cluding  the  supposedly  improved 
security  vetting  Microsoft  has  put 
in  place  since  the  start  of  its  Trusted 


i  isn’t  a  subtle  bug, 
to  spot  —  if  you’re 
ut  Microsoft  doesn’t  want 


Microsoft  would  rather  wait  until  hundreds 
of  millions  of  copies  are  in  use  —  so  we're  the 
ones  who  pay  for  applying  those  patches. 

Of  course,  customers  will  foot  the  bill  in 
either  case.  If  the  code  is  fixed  before  it  ships, 
we  pay  in  higher  prices.  If  it’s  fixed  after  it 
ships,  we  have  the  cost  of  patching. 

But  how  much  is  it?  Let’s  say  it  costs  $80  for 
the  average  IT  shop  to  apply  this  most  recent 
patch  to  each  affected  Windows  server.  That  in¬ 
cludes  all  the  costs  of  testing,  resolving  con¬ 
flicts  and  deploying  —  in  other  words,  $80  is  a 

But  it  still  means  a  total  cost  to  corporate  IT 


found  this  bug  before  shipping  the  software  for 
a  lot  less  than  $2  billion?  Betcha  they  could  have. 

Then  we’d  have  at  least  one  less  security 
problem  to  deal  with.  And  we  could  be  apply- 

cating  users  in  safe  computing  — 
like  Microsoft  says  we  should  be 
doing  —  instead  of  spending  them 
furiously  applying  one  billion- 
dollar  patch  after  another.  Patches 
that  would  be  unnecessary  if  Mi¬ 
crosoft’s  “it’s  your  fault  too"  man¬ 
agement  had  decided  to  get  the 
code  right  before  it  shipped. 
Which  would  also  have  fixed 
the  problems  at  a  much  lower 

Pretty  ironic,  huh? 

Or  maybe  just  shameful.  ©  46535 


